Industry Analysis and Security Consulting

Mark Weatherford, former Deputy Under Secretary for Cybersecurity at DHS, believes the world is ready for superior cloud security. He serves as the SVP and chief cybersecurity strategist of vArmour, a data center and cloud security company. He came to the firm with years of experience, including his former roles as chief information security officer for both California and Colorado.

“Our expertise is really around helping organizations understand how they can micro-segment and use the advanced analytics that we provide to help them see, stop and secure bad things in their environment,” said Weatherford, who shared his ideas with Richard Stiennon at the 2016 RSA Conference in San Francisco. “Fundamentally, if we can get our arms around that with a company, it’s very easy to have the next level of conversations, which is, ‘How do we come into an environment and how do we take the vArmour technology and distribute it?’”

There are a lot of technical pieces in place, but Weatherford said it is “very simple to do.”

“And that’s one of the things our product team [and] our CEO have been very laser-focused on,” he added. “We’ve got to make this easy for companies to do it.”

Predicting the Cloud

Few could have imagined that cloud services would become so important, but Weatherford predicted their success long before most others caught on.

“In 2009 when I was the CISO for the State of California, I gave a speech where I said, ‘This cloud thing is going to be big. We as a security community need to be paying attention to this.’ I was actually chastised by some of my CISO colleagues after the fact, who basically said, ‘Over my dead body am I going to put my data into the cloud!’”

In the end, the naysayers were proven wrong.

“I think taking this philosophy to the CISO now and saying, ‘Listen, there’s a lot of technologies out there that are available to you in your security toolkit, but this cloud thing is new. It’s a very risky proposition to think that you’re going to depend on your firewall to be your protection.”

The Importance of Trust

If there’s one thing that matters most to Weatherford, it’s trust.

“I’ve heard 1,000 vendor pitches,” he said. “I know exactly what I hate and I know what I love. I want a couple things, and probably most importantly, I want to be able to trust you. If you ever lie to me, it’ll be the last time. But being somebody who’s empathetic to my challenges as a CISO, and being there for me as a long-term partner. If you’re just there to sell me a product and walk out the door, I’m not interested in that. Every CISO I know has 1,000 things on his list. When you get an hour of my time as a vendor, treat it like the valuable, important thing that it is.”